Do you know you can make money by Reporting Vulnerability On websites !Rathers than defacing a website or any harm, you have sumbit bug to website's admin and you'll Get reward for it. Take a Look of Vulnerability reporting Programs & Thier rewards !Reporting Vulnerability on Google

In Google Vulnerability reward program you can submit Vulnerabilities and Bugs on

.google.com

.youtube.com

.blogger.com

.orkut.com

and sub domains of these websites, Like mail.google.com, sandbox.orkut.com etc !

You can report these Vulnerabilities on Google

Cross-site scripting

Cross-site request forgery

Cross-site script inclusion

Flaws in authentication and authorization mechanisms

Server-side code execution or command injection bugs.

Rewards for vulnerablity report on google

accounts.google.com

Other highly sensitive services [1]

Normal Google applications

Non-integrated acquisitions and other lower priority sites [2]

Remote code execution

$20,000

$20,000

$20,000

$5,000

SQL injection or equivalent

$10,000

$10,000

$10,000

$5,000

Significant authentication bypass or information leak

$10,000

$5,000

$1,337

$500

Typical XSS

$3,133.7

$1,337

$500

$100

XSRF, XSSI, and other common web flaws

$500 - $3,133.7

(depending on impact)

$500 - $1,337

(depending on impact)

$500

$100

Send your report to security@google.com

Reporting Vulnerability on Facebook

You can sumbit these bugs to facebook

ross-Site Scripting (XSS)

Cross-Site Request Forgery (CSRF/XSRF)

Remote Code Injection

Broken Authentication (including Facebook OAuth bugs)

Circumvention of our Platform permission model

A bug that allows the viewing of private user data

Rewards :

you'll get $500 USD for reporting a Bug, it may increase the reward for specific bugs